diff --git a/cmd/dlt/accountroles/cmd.go b/cmd/dlt/accountroles/cmd.go
index 6ae717a0da..d778b0e90a 100644
--- a/cmd/dlt/accountroles/cmd.go
+++ b/cmd/dlt/accountroles/cmd.go
@@ -37,10 +37,15 @@ import ( "github.com/openshift/rosa/pkg/rosa" ) +const ( + deleteHcpSharedVpcPoliciesFlagName = "delete-hcp-shared-vpc-policies" +) + var args struct { - prefix string - hostedCP bool - classic bool + prefix string + hostedCP bool + classic bool + deleteHcpSharedVpcPolicies bool } var Cmd = &cobra.Command{
@@ -79,6 +84,13 @@ func init() { "Delete classic account roles", ) + flags.BoolVar( + &args.deleteHcpSharedVpcPolicies, + deleteHcpSharedVpcPoliciesFlagName, + false, + "Deletes the Hosted Control Plane shared vpc policies", + ) + interactive.AddModeFlag(Cmd) confirm.AddFlag(flags) }
@@ -153,7 +165,7 @@ func run(cmd *cobra.Command, _ []string) { } if deleteClassic { - err = deleteAccountRoles(r, env, prefix, clusters, mode, false) + err = deleteAccountRoles(r, cmd, env, prefix, clusters, mode, false) if err != nil { r.Reporter.Errorf("%s", err) os.Exit(1)
@@ -165,7 +177,7 @@ func run(cmd *cobra.Command, _ []string) { } if deleteHostedCP { - err = deleteAccountRoles(r, env, prefix, clusters, mode, true) + err = deleteAccountRoles(r, cmd, env, prefix, clusters, mode, true) if err != nil { r.Reporter.Errorf("%s", err) os.Exit(1)
@@ -182,8 +194,8 @@ func setDeleteRoles(isClassicFlagSet bool, isHostedCPFlagSet bool) (bool, bool) return isClassicFlagSet, isHostedCPFlagSet } -func deleteAccountRoles(r *rosa.Runtime, env string, prefix string, clusters []*cmv1.Cluster, mode string, - hostedCP bool) error { +func deleteAccountRoles(r *rosa.Runtime, cmd *cobra.Command, env string, prefix string, clusters []*cmv1.Cluster, + mode string, hostedCP bool) error { var accountRolesMap map[string]aws.AccountRole var roleTypeString string if hostedCP {
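Review bot: The help text for the new flag in the `init()` hunk (`@@ -79,6 +84,13 @@`) does not say what happens when the flag is omitted, and the later hunks make that differ by mode: the auto branch still prompts when the flag was not passed, while the manual branch now reads only the flag value and no longer prompts. Since the flag controls deletion of IAM policies, I would spell that out, for example `"Delete the Hosted Control Plane shared VPC policies; if omitted, auto mode asks and manual mode skips them"`. The same registration and help text are repeated in the `init()` hunk of `cmd/dlt/operatorrole/cmd.go`.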
@@ -203,28 +215,32 @@ func deleteAccountRoles(r *rosa.Runtime, env string, prefix string, clusters []* return nil } + deleteHcpSharedVpcPolicies := args.deleteHcpSharedVpcPolicies + switch mode { case interactive.ModeAuto: r.Reporter.Infof(fmt.Sprintf("Deleting %saccount roles", roleTypeString)) r.OCMClient.LogEvent("ROSADeleteAccountRoleModeAuto", nil) - deleteHcpSharedVpcPolicies := false - if roles.CheckIfRolesAreHcpSharedVpc(r, finalRoleList) { - deleteHcpSharedVpcPolicies = confirm.Prompt(true, "Attempt to delete Hosted CP shared VPC"+ - " policies?") + if roles.CheckIfRolesAreHcpSharedVpc(r, finalRoleList) && + !cmd.Flag(deleteHcpSharedVpcPoliciesFlagName).Changed { + deleteHcpSharedVpcPolicies = confirm.Prompt(true, "Attempt to delete Hosted CP shared VPC policies?") } - for _, role := range finalRoleList { - if !confirm.Prompt(true, "Delete the account role '%s'?", role) { - continue - } - r.Reporter.Infof("Deleting account role '%s'", role) - err := r.AWSClient.DeleteAccountRole(role, prefix, managedPolicies, deleteHcpSharedVpcPolicies) - if err != nil { - r.Reporter.Warnf("There was an error deleting the account roles or policies: %s", err) - continue + + if deleteHcpSharedVpcPolicies { + for _, role := range finalRoleList { + if !confirm.Prompt(true, "Delete the account role '%s'?", role) { + continue + } + r.Reporter.Infof("Deleting account role '%s'", role) + err := r.AWSClient.DeleteAccountRole(role, prefix, managedPolicies, deleteHcpSharedVpcPolicies) + if err != nil { + r.Reporter.Warnf("There was an error deleting the account roles or policies: %s", err) + continue + } } + r.Reporter.Infof(fmt.Sprintf("Successfully deleted the %s account roles", roleTypeString)) } - r.Reporter.Infof(fmt.Sprintf("Successfully deleted the %saccount roles", roleTypeString)) case interactive.ModeManual: r.OCMClient.LogEvent("ROSADeleteAccountRoleModeManual", nil) policyMap, arbitraryPolicyMap, err := r.AWSClient.GetAccountRolePolicies(finalRoleList, prefix) 
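Review bot: In the `interactive.ModeAuto` branch the whole `for _, role := range finalRoleList` loop is now wrapped in `if deleteHcpSharedVpcPolicies {`, so when the flag is not set and the roles are not HCP shared VPC roles (or the prompt is declined) no account role is deleted and nothing is reported. Before this change the loop ran unconditionally and the boolean was only passed through to `DeleteAccountRole`; I would remove the `if` wrapper and keep passing `deleteHcpSharedVpcPolicies` as the last argument, otherwise IAM roles the operator asked to remove stay in the account. The success message also changed from `%saccount roles` to `%s account roles`, which looks like it doubles the space, given that the `Deleting %saccount roles` line relies on `roleTypeString` carrying its own trailing space. `deleteAccountRoles` starts and ends outside this hunk.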
@@ -234,8 +250,7 @@ func deleteAccountRoles(r *rosa.Runtime, env string, prefix string, clusters []* // Get HCP shared vpc policy details if the user is deleting roles related to HCP shared vpc policiesOutput := make([]*iam.GetPolicyOutput, 0) - if roles.CheckIfRolesAreHcpSharedVpc(r, finalRoleList) && - confirm.Prompt(true, "Create commands to delete Hosted CP shared VPC policies?") { + if roles.CheckIfRolesAreHcpSharedVpc(r, finalRoleList) && deleteHcpSharedVpcPolicies { for _, role := range finalRoleList { policies, err := r.AWSClient.GetPolicyDetailsFromRole(awssdk.String(role)) policiesOutput = append(policiesOutput, policies...)
diff --git a/cmd/dlt/operatorrole/cmd.go b/cmd/dlt/operatorrole/cmd.go
index 7eca1af96c..127f312726 100644
--- a/cmd/dlt/operatorrole/cmd.go
+++ b/cmd/dlt/operatorrole/cmd.go
@@ -39,11 +39,13 @@ import ( ) const ( - PrefixFlag = "prefix" + PrefixFlag = "prefix" + deleteHcpSharedVpcPoliciesFlagName = "delete-hcp-shared-vpc-policies" ) var args struct { - prefix string + prefix string + deleteHcpSharedVpcPolicies bool } var Cmd = &cobra.Command{
@@ -67,6 +69,13 @@ func init() { "Operator role prefix, this flag needs to be used in case of reusable OIDC Config", ) + flags.BoolVar( + &args.deleteHcpSharedVpcPolicies, + deleteHcpSharedVpcPoliciesFlagName, + false, + "Deletes the Hosted Control Plane shared vpc policies", + ) + ocm.AddOptionalClusterFlag(Cmd) interactive.AddModeFlag(Cmd) confirm.AddFlag(flags)
@@ -226,8 +235,9 @@ func run(cmd *cobra.Command, _ []string) { r.OCMClient.LogEvent("ROSADeleteOperatorroleModeAuto", nil) // Only ask user if they want to delete policies if they are deleting HcpSharedVpc roles - deleteHcpSharedVpcPolicies := false - if roles.CheckIfRolesAreHcpSharedVpc(r, foundOperatorRoles) { + deleteHcpSharedVpcPolicies := args.deleteHcpSharedVpcPolicies + if roles.CheckIfRolesAreHcpSharedVpc(r, foundOperatorRoles) && + !cmd.Flag(deleteHcpSharedVpcPoliciesFlagName).Changed { deleteHcpSharedVpcPolicies = confirm.Prompt(true, "Attempt to delete Hosted CP shared VPC policies?") } allSharedVpcPoliciesNotDeleted := make(map[string]bool)
@@ -276,8 +286,7 @@ func run(cmd *cobra.Command, _ []string) { // Get HCP shared vpc policy details if the user is deleting roles related to HCP shared vpc policiesOutput := make([]*iam.GetPolicyOutput, 0) - if roles.CheckIfRolesAreHcpSharedVpc(r, foundOperatorRoles) && - confirm.Prompt(true, "Create commands to delete Hosted CP shared VPC policies?") { + if roles.CheckIfRolesAreHcpSharedVpc(r, foundOperatorRoles) && args.deleteHcpSharedVpcPolicies { for _, role := range foundOperatorRoles { policies, err := r.AWSClient.GetPolicyDetailsFromRole(awssdk.String(role)) policiesOutput = append(policiesOutput, policies...)
diff --git a/cmd/rosa/structure_test/command_args/rosa/delete/account-roles/command_args.yml b/cmd/rosa/structure_test/command_args/rosa/delete/account-roles/command_args.yml
index e2077fed03..c3b400b951 100644
--- a/cmd/rosa/structure_test/command_args/rosa/delete/account-roles/command_args.yml
+++ b/cmd/rosa/structure_test/command_args/rosa/delete/account-roles/command_args.yml
@@ -4,4 +4,5 @@ - name: prefix - name: profile - name: region +- name: delete-hcp-shared-vpc-policies - name: "yes"
diff --git a/cmd/rosa/structure_test/command_args/rosa/delete/operator-roles/command_args.yml b/cmd/rosa/structure_test/command_args/rosa/delete/operator-roles/command_args.yml
index e8572f64ce..91225a2341 100644
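Review bot: In the auto-mode hunk of `run` in `cmd/dlt/operatorrole/cmd.go` (`@@ -226,8 +235,9 @@`), `deleteHcpSharedVpcPolicies` now starts from `args.deleteHcpSharedVpcPolicies`, so passing the flag makes it true even when `roles.CheckIfRolesAreHcpSharedVpc` returns false; previously it could only become true for shared VPC roles. What the deletion code further down does with a true value for other roles is not visible here, but for a destructive IAM operation I would keep the role-type check as a precondition and let the flag only replace the prompt. `cmd.Flags().Changed(...)` also avoids dereferencing the result of `cmd.Flag(...)`. The auto branch of `deleteAccountRoles` in `cmd/dlt/accountroles/cmd.go` has the same pattern, and `run` starts and ends outside this hunk.

```go
// Only ask user if they want to delete policies if they are deleting HcpSharedVpc roles
isHcpSharedVpc := roles.CheckIfRolesAreHcpSharedVpc(r, foundOperatorRoles)
deleteHcpSharedVpcPolicies := isHcpSharedVpc && args.deleteHcpSharedVpcPolicies
if isHcpSharedVpc && !cmd.Flags().Changed(deleteHcpSharedVpcPoliciesFlagName) {
	deleteHcpSharedVpcPolicies = confirm.Prompt(true, "Attempt to delete Hosted CP shared VPC policies?")
}
// … unchanged: allSharedVpcPoliciesNotDeleted and the deletion loop …
```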
--- a/cmd/rosa/structure_test/command_args/rosa/delete/operator-roles/command_args.yml
+++ b/cmd/rosa/structure_test/command_args/rosa/delete/operator-roles/command_args.yml
@@ -3,4 +3,5 @@ - name: prefix - name: profile - name: region +- name: delete-hcp-shared-vpc-policies - name: "yes"